omg i feel so dumb, of course the results are in quotes...
i've shamefully been giving bad info on long spf strings and misusing
dig for a very long time.
maybe rspamd is working correctly and I have just an idiot owner.
k
On 1/14/2021 3:36 PM, John Levine wrote:
In article <06a8f365-813e-375e-2cab-3d1125823...@kouzmanoff.com> you write:
# dig TXT __spf.campaign.adobe.com +short
;; Warning: Message parser reports malformed message packet.
RFC 7208 Section 3.3, the 255-octet maximum length of a
character-string within a single TXT record.
I count at least 57 ip ranges of 32,257 ip addresses, which is kind of
absurd.
My email server spf checker (UDP) will truncate after 255 characters and
probably error out too but I've never checked. SPF validation is only
one part of many to whether I want to accept the email or not.
For the record, if your SPF checker does that, it's badly broken.
RFC 7208 and its predecessor 4408 make it crystal clear that multiple
strings in a SPF TXT record are valid. You just glue them together and
treat them as one long string.
That Adobe record is the longest one I've ever seen but its syntax is
fine. The quotes you see in dig output show the breaks between the
text strings which SPF ignores.
FWIW, DKIM text records have exactly the same rule for multiple strings.
R's,
John
_______________________________________________
mailop mailing list
mailop@mailop.org
https://list.mailop.org/listinfo/mailop
